[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: LedgerSMB rpm spec

Chris Travers wrote, On 10/19/2006 01:18 AM:
Would it be easier just to include by default a .htaccess file that
would deny access to the admin.pl with instructions on how to remove
it?  Once you go to the admin.pl screen, if it has a blank password,
you will get prompted to enter another one.

So the .htaccess should be included in the rpm? In that case an upgrade would introduce it again...

With the .htaccess solution, we can provide a nice description of what
needs to be done to allow access, etc.

What I want to avoid is people having to spend too much time looking
for documentation when RPM's ideally should be plug and play.

Yeah. The package info is the first place I would look. I wouldn't know which url to look at or which of the many docs in the RPM to read.

IF you think the url to admin.pl is intuitive, then I would rather suggest:
admin.pl currently detects a blank password and asks for one.
Similarly, if the "crypted" string is "DEFAULT" then admin.pl could tell the user to remove the line or whole file. The RPM could then contain a config file with the password set to DEFAULT...

BTW, I will probably add dependencies for DBI and PostgreSQL (since we
don't support other db's at the moment).  Hope this helps.

The spec already has that. Installing the rpm with yum will install all dependencies too.